CN101989242A - Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof - Google Patents
Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof Download PDFInfo
- Publication number
- CN101989242A CN101989242A CN2010105409948A CN201010540994A CN101989242A CN 101989242 A CN101989242 A CN 101989242A CN 2010105409948 A CN2010105409948 A CN 2010105409948A CN 201010540994 A CN201010540994 A CN 201010540994A CN 101989242 A CN101989242 A CN 101989242A
- Authority
- CN
- China
- Prior art keywords
- bus
- unit
- monitor
- data
- register
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a bus monitor for improving the safety of an SOC (System on a Chip) as well as a realizing method thereof. The bus monitor is arranged between a system bus and a system control unit and comprises a setting unit, a condition judging unit, an effective data selecting unit, a hardware algorithm unit and a comparison output unit. The method of the invention can be used for monitoring bus behavior on the premise that the bus access efficiency is not influenced, detecting whether special bus access sequence behavior concerned by the system can be changed because of accidents, interpolation and malicious fault attacks and alarming the system if the special bus access sequence behavior is changed so that the system adopts a suitable safe measure to prevent security risks and prevent confidential information from being divulged because of incorrect system safety operation.
Description
Technical field
The present invention relates to SOC System on Chip/SoC safety, particularly a kind of bus monitor and its implementation that improves the SOC security of system.
Background technology
Along with the quickening of social informatization process, the security of information more and more becomes the important topic of concern, research.Safe SOC chip is widely used in the every field of information society, and its major function comprises the safe storage of user's critical data, electronic signature, identity discriminating and data encrypting and deciphering etc.Safe SOC chip is the core of its residing system security controls, so the security of itself is most important.Just because of the importance of data in the safe SOC chip, various attack meanses at safety SOC chip emerge in an endless stream.Security strategy corresponding to the various attack means has obtained deep research and realization at present.Security initialization, storage encryption protection, memory integrity verification, bus protection etc. are modal security strategies.The purpose of these security strategies all is that the expectation safety chip moves by a kind of safe mode, but their defective is the behavior that stresses to protect, and pays close attention to not enough to the effect of protection.And a lot of safety practices are confined to a certain independent protection behavior, can limit protection to the storer specific region such as storage protection.Many times, the safety protecting mechanism of system need be finished by sequence of operations, and such as carrying out one section indivisible specific security program, safety protecting mechanism needs this security procedure intactly can not be ended or be performed with inserting other program.Whether unusual present safe SOC chip pins few to the detection safeguard measure research of series of operations behavior on the data transmission channel.Experienced assailant can utilize bug to revise the operation action of safety chip, and wherein common attack mode comprises attack patterns such as jump instruction is attacked, interruption attack, stack smashing; Or directly carry out the execution that fault attacks destroys security initialization or security procedure, cause the chip operation exception.In order to remedy this defective, under traditional safeguard protection strategy, should increase to these security strategies final embody the behavior of bus sequence and detect.Very unfortunate, directly the scheme that the transmission channel system bus of data is monitored in real time by certain security algorithm is temporarily blank.
Therefore, how the transmission channel system bus of data being monitored in real time, how to be judged whether the behavior of bus sequence is normal, is safe SOC chip problem demanding prompt solution with the purpose that reaches the safe SOC chip of protection.
Summary of the invention
The objective of the invention is to solve above-mentioned problems of the prior art, propose a kind of bus monitor and its implementation that improves the SOC security of system.
The present invention finds mistake by the correctness and the integrality that monitor the corresponding specific bus access sequence behavior on the SOC bus of security configuration process or security procedure operational process, and the warning of generation system, thereby effectively prevents leakage of information.
The technical solution used in the present invention is, a kind of bus monitor that improves the SOC security of system is proposed, described bus monitor is arranged between system bus and the system control unit, comprise dispensing unit, condition judgment unit, valid data selected cell, hardware algorithm unit and comparison output unit, wherein:
Described dispensing unit is used to be provided with the configuration information that need monitor with the memory bus control signal, and upgrades the state of bus monitor;
Described condition judgment unit is according to the configuration information of dispensing unit, and in conjunction with the current bus behavioural information that bus control signal provides, judging whether needs to start supervisory work, when needs are monitored, generates control signal to the valid data selected cell;
Described valid data selected cell is according to the control information of condition judgment unit and the configuration information of dispensing unit, key from the bus address of bus access, bus master number, bus read data or write data and dispensing unit is selected bus and is monitored data to be calculated, and send into the hardware algorithm unit, notice hardware algorithm unit is treated computational data and is carried out computing;
Described hardware algorithm unit carries out computing according to the control signal that dispensing unit, condition judgment unit send to the data to be calculated of valid data selected cell output, and final calculation result is sent to the comparison output unit;
Described relatively output unit compares the result of hardware algorithm unit output with the condition that dispensing unit presets, triggering alerting signal when inconsistent, and be sent to system control unit.
The present invention also proposes a kind of bus method for monitoring of the SOC of raising security of system, comprises the following steps:
Step 1. is provided with the configuration information that needs in the bus monitoring process in dispensing unit;
Step 3. valid data selected cell is according to the control information of condition judgment unit, the data of from bus address, bus master number, bus read data or write data, dispensing unit output key, selecting to be calculated, and data to be calculated are sent to the hardware algorithm unit, indication hardware algorithm unit carries out computing to it;
The control signal that the described hardware algorithm of step 4. unit sends according to the valid data selected cell is treated computational data and is carried out computing by the selected algorithm of dispensing unit, and final calculation result is sent to the comparison output unit;
The described relatively output unit of step 5. compares the result of hardware algorithm unit output with the expected result that dispensing unit presets, triggering alerting signal and be sent to system control unit when inconsistent;
Step 6. when bus monitor finish once effectively visit computing after, its inner counter increases progressively automatically, and returns step 2 and repeat to monitor; After bus monitor is finished effective access times that dispensing unit monitors the length register definition, can stop to monitor according to the control mode of control register, or wait when satisfying the bus access that monitors initial conditions next time and taking place, repeat supervision.
Compared with prior art, the present invention has following beneficial effect:
1, the present invention is in considering traditional safe SOC chip; stress behavior to important data protection; pay close attention to not enough to the effect of protection; a kind of possible risk is: the protection behavior had been lost efficacy under malicious attack or chance failure; system but can not in time take to remedy safety practice, thereby causes leakage of information.The present invention is by monitoring safe SOC chip bus sequence visit behavior, can in time sound a warning to improper bus sequence visit behavior to system, help system in time to take to remedy safety practice, realized a kind of bus monitor of the SOC of raising system information safety;
2, the present invention can effectively improve the resistivity of SOC system to fault attacks, can be in time security configuration or key procedure be given a warning to system in malice fault or the misdeed that is not intended under the fault, and the assurance system can in time take the safety practice remedied;
3, the present invention can solve the integrality and the authenticity of security configuration process and key procedure from final bus transfer passage, and the raising system is to security configuration data and key procedure tamper-resistance;
4, the present invention treats the configurability of monitoring data in the complicacy of considering bus timing itself, and the configurability that monitors length, has realized the real time monitoring to the bus behavior;
5, the present invention carries out the integral algorithm computing to the bus address and the data of specific access sequence in the safety SOC system operational process with configurable key, judges by more final operation result and expected result whether the specific access sequence is distorted;
6, the present invention can prevent that bus address or significant data are forged or are attacked;
7, the present invention can prevent that the bus master from pretending to be another bus master to initiate bus access;
8, the present invention is after the bus sequence of finishing regulation monitors, according to the security of system needs, whether the user can determine to repeat to monitor;
9, the present invention does not influence the system bus behavior;
10, there is the situation that crashes or collapse in the present invention in the system that considers, and causing the bus wait timeout, the configurable max-timeout latent period of user is when the bus wait surpasses default maximum wait period, then note overtime all behaviors of bus take place, and provide overtime caution signal.The SOC system can be according to overtime warning message force revert bus transfer, and carries out abnormality processing.This mechanism has prevented that effectively safe SOC system is in the improper behavior of unexpected waiting-timeout situation for a long time, has improved the work efficiency of bus, guarantees the timely execution of some mission criticals;
11, the present invention is adapted to the safe SOC system of data sensitive, pregnable many application scenarioss especially, and is easy to integratedly, whole SOC chip sequential and performance is not caused burden.
Description of drawings
Below in conjunction with accompanying drawing and preferred embodiment the present invention is described in detail, wherein:
Fig. 1 is the inner structure synoptic diagram of bus monitor of the present invention in safety SOC chip;
Fig. 2 is the theory diagram of bus monitor among Fig. 1;
Fig. 3 is the workflow diagram of bus monitor;
Fig. 4 is the connection schematic block diagram of bus monitor in the unibus safety SOC chip;
Fig. 5 is the connection schematic block diagram of bus monitor in the multibus safety SOC chip.
Embodiment
Core concept of the present invention is: to the real time monitoring that carries out of the bus transfer sequence that relates to safety-critical, the bus transfer sequence behavior of Jian Shiing does not meet anticipatory behavior if desired, then judge the bus transfer sequence because be not intended to fault or malice fault or distort reason such as attack unusual, in time give a warning to system, the assurance system can handle in time that this is unusual.
The safe SOC(System on Chip that Fig. 1 proposes for the present invention) the inner structure synoptic diagram of built-in bus monitor in the chip.Comprising: SOC system bus 1, be installed in bus monitor 21 and system control unit 22 in the SOC chip 2.SOC system bus 1 is the critical passage of data carrying in the safe SOC chip, main equipment (as CPU, DMA) is all finished transmission by SOC system bus 1 to the operation that slave unit (as sheet internal memory RAM etc.) carries out data, so SOC system bus 1 is being played the part of very important role in safety SOC chip.
As shown in Figure 2, the bus monitor 21 of the present invention's proposition comprises effective data selection unit 201, condition judgment unit 202, overtime detecting unit 203, dispensing unit 204, hardware algorithm unit 205 and compares output unit 206.According to design requirement, the design of each unit module realizes all can in time making appropriate adjustment.
Dispensing unit 204 is used for memory bus monitor arrangement information, mainly is made up of control register, supervision initial address register, supervision length register, main equipment register, preset key register, expectation supervision result register, bus state register, overtime register and Fault Address Register etc.The function that each register parts are realized is described in detail as follows:
Control register is used for writing down the conventional configuration information of main equipment to bus monitor 21, bus monitor 21 need move according to these configuration informations, comprise the monitor enable bit, this is the overall control bit of bus monitor 21, the user can be effective or disarmed state by this position of configuration, inspects bus monitor 21 to enable or not enable bus; The trigger mode control bit of bus monitor 21 is selected from following two kinds of patterns by disposing this realization supervision start-up mode: begin immediately to monitor or begin to monitor from assigned address; Repeat to monitor and enable control bit, be different conditions decision whether startup repetition function for monitoring by disposing this position, repeat function for monitoring if start, after finishing the supervision of appointment effective length sequence, when guard condition is satisfied in next bus behavior, start supervision once more, otherwise after finishing the supervision of effective length sequence, stop to monitor; Overtime supervision control bit determines the whether overtime behavior of monitor bus by disposing this; The guard condition control bit is with deciding the bus access sequence which bus access is only needs supervision; Monitoring algorithms is selected the position, and according to security needs, the deviser can programme voluntarily, and behavior monitors which kind of algorithm of decision use to bus; Data to be calculated are selected the position, and indication selects part or full content as data to be calculated from the bus master that satisfies guard condition number, bus address, bus read data, bus write data and preset key.
Monitor that initial address register is used for the initial monitor address of record trunk monitor 21.When the trigger mode control bit be chosen as begin from assigned address to monitor after, under the situation that guard condition satisfies, when bus monitor 21 monitors this start address of bus operation matching addresses, just start to monitor, otherwise bus monitor is in the not idle condition of execution monitoring.
Monitor that length register is used for the valid bus access sequence length that recording user needs bus monitor 21 to monitor.After function for monitoring starts, whenever monitor the bus access of complete fulfillment guard condition, monitor that length register increases progressively once, after finishing the specified length of supervision length register, this bus sequence monitors and finishes.The valid data selected cell 201 of bus monitor 21 is selected the controlled condition of position and condition judgment unit 202 according to data to be calculated, from the bus master that satisfies guard condition number, bus address, bus read data, bus write data and preset key, select part or full content as data to be calculated, deliver to hardware algorithm unit 205 and carry out computing, relatively output unit 206 starts comparing function, and comparative result is delivered to system control unit 22.
The main equipment register is used for configuration bus monitor 21 major device number to be monitored.If guard condition HRP-configured master device number coupling then has only main equipment that bus monitor 21 detects current bus operation with in the main equipment register during one or more major device numbers coupling, just satisfy guard condition.This function can prevent that certain non-safe bus master from pretending to be another bus master to initiate bus access.When bus monitor 21 detects the main equipment of current executable operations when illegal, the information that in time gives a warning stops key message to be obtained or destroy by illegality equipment.
The preset key register is used for the key that the configuration monitoring process is used, and this key is not readable.In the bus monitor 21 of the present invention's design, key can participate in computing at certain fixing point, also can participate in computing in real time, can prevent effectively that the assailant from distorting expected result according to the bus monitor principle, further guarantee the integrality and the security of monitoring process.
After expectation monitors that result register is used to be configured in designated length bus sequence supervision end, the operation result of the monitoring data of user expectation.
The bus state register be used to be recorded in finish specified length bus ordered sequence and monitor after; relatively output unit 206 writes final comparative results (normal or make mistakes) wherein, and whether the user can inquire about certain section bus operation by the bus state register in the dispensing unit 204 normal.Simultaneously, bus monitor monitors to other bus behavior such as overtime etc. also will in the bus state register, reflect.The existence of this register has guaranteed that main equipment can know the bus behavior at any time.
Overtime register is used to write down maximum bus apparatus latent period.The user can make appropriate configuration according to the needs of system itself, such as when existing certain equipment often to need long latent period in the system, can give bigger value of overtime register configuration.Usually, when the overtime register of configuration, need assess, draw a suitable value, promptly can not report overtime behavior by mistake and also can not fail to report overtime behavior, guarantee the work efficiency of bus the SOC system equipment.When bus timeout, bus monitor will in time send overtime caution signal, and indication mechanism forces to finish current bus access, and anti-locking system causes the potential safety hazard or the system failure because of bus timeout.
Fault Address Register is used for the address that overtime fault takes place record trunk, after overtime detecting unit 203 detects the bus timeout behavior, to be written to Fault Address Register to the bus address that timeout mode takes place, main equipment can obtain bus timeout information by reading this register.
Condition judgment unit 202 is main logic unit of the present invention, is mainly used to judge whether bus operation satisfies the guard condition of bus monitor 21.The guard condition control bit that it provides according to dispensing unit 203 comprises that to bus the control information of address filters in real time.Indication valid data selected cell 201 obtains effective content and sends into hardware algorithm unit 205 and calculate when bus operation satisfies guard condition; If bus operation does not satisfy guard condition, then ignore this bus operation.The condition judgment unit can be the one or more of following condition to the filtercondition of bus operation: major device number coupling or not, instruction fetch operation or data transfer operation, read access or write access, privilege access or generic access or the like.Utilize the major device number matching condition, can monitor the bus operation of designated master device number; Utilize the instruction fetch operation condition, can the monitor microprocessors execution process instruction.If be indifferent to major device number, can not enable the major device number matching feature, can accessing operations all on the bus all be monitored like this.The condition judgment unit judges also the bus sequence of specified length monitors whether finish, and sends to hardware algorithm unit 205 finishing indicator signal.
Valid data selected cell 201, control information according to the condition judgment unit, to satisfying the bus operation of guard condition, the data of from bus address, bus master number, bus read data or write data, dispensing unit output key, selecting to be calculated, and data set to be calculated is made into the form that makes things convenient for computing is sent to hardware algorithm unit 205, indication hardware algorithm unit carries out computing to it.
Relatively output unit 206 is responsible for realizing expectation in hardware algorithm unit 205 final computing gained results and the dispensing unit 204 is monitored that the result register value compares in the present invention, if the two is inconsistent, think that promptly the behavior of bus sequence is because attack or failure and other reasons take place unusual, information in time gives a warning, deliver to system control unit 22, system control unit 22 is according to user's configuration in advance, make rational response at the bus sequence errors, such as requiring the master and slave equipment of cpu reset or part to quit work etc.This real-time treatment mechanism has guaranteed that system's significant data under under attack, situation about destroying, can make system-level response according to the safe class of information, has guaranteed the safety of whole security system to the full extent.
Whether overtime detecting unit 203 is used for detecting the SOC bus overtime.The maximum bus latent period that it is provided with according to overtime register in current bus control signal and the dispensing unit 204, whether monitor bus operation in real time exists overtime behavior; When the bus latent period surpasses the set maximum bus latent period of overtime register, overtime detecting unit 203 triggers overtime warning message, deliver to system control unit 22, system control unit 22 is according to user's configuration in advance, and rational response is made in behavior at bus timeout.A kind of common overtime response mechanism is: system forces to finish the super work of current bus earlier, carries out exception handler then this overtime behavior is handled.This mechanism has prevented that effectively safe SOC system is in the improper behavior of unexpected waiting-timeout situation for a long time, guarantees the timely execution of some mission criticals, guarantees that system does not cause the potential safety hazard or the system failure because of accident is overtime.
Above process all is to carry out under the prerequisite that does not influence safe SOC system operate as normal, has both guaranteed the integrality of system works, has realized the security function of system again.
As shown in Figure 3, this is the workflow diagram of bus monitor 21 of the present invention, specifically comprises the following steps:
Step 1. is provided with the configuration information that needs in the bus monitoring process in dispensing unit;
Step 3. valid data selected cell is according to the control information of condition judgment unit, the data of from bus address, bus master number, bus read data or write data, dispensing unit output key, selecting to be calculated, and data to be calculated are sent to the hardware algorithm unit, indication hardware algorithm unit carries out computing to it;
The control signal that the described hardware algorithm of step 4. unit sends according to the valid data selected cell is treated computational data and is carried out computing by the selected algorithm of dispensing unit, and final calculation result is sent to the comparison output unit;
The described relatively output unit of step 5. compares the result of hardware algorithm unit output with the expected result that dispensing unit presets, triggering alerting signal and be sent to system control unit when inconsistent;
Step 6. when bus monitor finish once effectively visit computing after, its inner counter increases progressively automatically, and returns step 2 and repeat to monitor; After bus monitor is finished effective access times that dispensing unit monitors the length register definition, can stop to monitor according to the control mode of control register, or wait when satisfying the bus access that monitors initial conditions next time and taking place, repeat supervision.
In the work, bus monitor is at first according to relevant register configuration in the dispensing unit 204, work behavior in conjunction with current bus, judge whether to bus monitor and monitor bus on which information (data, address etc.), the bus control information is as treating that monitoring data delivers to the hardware algorithm circuit and carry out computing, key can participate in computing in real time according to security needs, after the sequence of finishing designated length monitors, operation result and expectation value are compared, if unanimity as a result, illustrate that transmission is errorless, finish subsequent treatment by system controller otherwise provide warning message.If register configuration monitors that for repeating then after finishing this supervision, bus monitor repeats data flow shown in Figure 3.If desired the one section bus sequence behavior after the system reset is monitored that the default configuration of dispensing unit can be set to begin immediately monitor, monitors that the length register default setting is a rational nonzero value.After system starts working, the length and the expected result of this section bus sequence that should in time after the dispensing unit renewal resets, monitor.System reset like this, bus monitor will monitor the bus sequence behavior after resetting immediately; If the supervision length register of untimely configuration bus monitor and expected result register then monitor after the bus sequence of finishing default-length monitors and will give a warning to system; If in time disposed supervision length register and expected result register, whether monitor resets back designated length bus access sequence because attack or fault take place unusual with surveillance.
As shown in Figure 4, this is the safe SOC chip system of a typical unibus structure, comprising the bus monitor 21(1 that RAM407, memory interface 405, the present invention propose on a plurality of main equipments such as processor 401, DMA402 and the sheet) and bus monitor 21(2) etc. slave unit, system bus 404 couples together main equipment and slave unit as the transmission channel of data.Different with general safe SOC chip system is, integrated two separate bus monitors of the present invention 21 directly carry out real time monitoring to the SOC bus in this system, and the security performance of safe SOC chip will improve greatly.
As shown in Figure 5, this is the safe SOC chip system of a typical multiple bus architecture, has wherein comprised processor 501 equally, RAM509, high bandwidth memory interface 508, bus monitor of the present invention on a plurality of main equipments such as DMA402 and the sheet
21(1), bus monitor
21(2)Deng slave unit, system bus 505 and system bus 506 have constituted the multibus data transmission channel, and bus gating matrix 503 realizes the different address areas of a plurality of bus parallel interleaving access.
In the safe SOC chip system of multiple bus architecture, difference according to bus number, the quantity of bus monitor 21 is done corresponding change, be used for every bus is monitored in Fig. 5, bus monitor 21(1 respectively) be used for surveillance bus 505, bus monitor 21(2) is used for surveillance bus 506, independent mutually between each bus monitor 21, other behaviors are with unibus SOC systems compliant, and this has just guaranteed the safety of all buses in the safe SOC chip system.
The method according to this invention, behavior monitors to bus in real time under the situation that does not influence bus access efficient, whether detection system pays close attention to the behavior of specific bus access sequence because accident or malice fault attacks change; If specific bus access sequence behavior changes, the present invention will sound a warning to system, take suitable safety practice prevention potential safety hazard by system, prevent confidential information because the security of system operation is not correctly carried out and leaked.
The present invention also can monitor SOC bus protocol mistake, and gives system to make appropriate responsive this error reporting.The present invention also monitors the SOC bus because the bus timeout that misoperation or other reason cause, and gives system with overtime situation report; System can take appropriate measures and in time recover bus operation, prevents some mission criticals because bus timeout can not get carrying out.
In sum, the invention provides bus monitor and its implementation of a kind of SOC of raising system information safety, guarantee safe SOC chip at key message via the integrality in the handling process of bus, real-time and security, improve the work efficiency of system bus, improve the ability that information safety system stability and fault-resistant are attacked.
Although the present invention and some advantages thereof are described in detail in the above-described embodiment; yet; the person of ordinary skill in the field should be realized that; within the spirit and principles in the present invention; can make any modification, improvement, expansion etc., these modifications, improvement, expansion all are encompassed within protection scope of the present invention.
Claims (9)
1. bus monitor that improves the SOC security of system, it is characterized in that, described bus monitor is arranged between system bus and the system control unit, comprises dispensing unit, condition judgment unit, valid data selected cell, hardware algorithm unit and comparison output unit, wherein:
Described dispensing unit is used to be provided with the configuration information that need monitor with the memory bus control signal, and upgrades the state of bus monitor;
Described condition judgment unit is according to the configuration information of dispensing unit, and in conjunction with the current bus behavioural information that bus control signal provides, judging whether needs to start supervisory work, when needs are monitored, generates control signal to the valid data selected cell;
Described valid data selected cell is according to the control information of condition judgment unit and the configuration information of dispensing unit, key from the bus address of bus access, bus master number, bus read data or write data and dispensing unit is selected bus and is monitored data to be calculated, and send into the hardware algorithm unit, notice hardware algorithm unit is treated computational data and is carried out computing;
Described hardware algorithm unit carries out computing according to the control signal that dispensing unit, condition judgment unit send to the data to be calculated of valid data selected cell output, and final calculation result is sent to the comparison output unit;
Described relatively output unit compares the result of hardware algorithm unit output with the condition that dispensing unit presets, triggering alerting signal when inconsistent, and be sent to system control unit.
2. bus monitor according to claim 1 is characterized in that: also comprise overtime detecting unit, whether this unit real time monitoring bus control signal is overtime, and when overtime situation occurring, sends signal to system control unit.
3. bus monitor according to claim 1 is characterized in that: described dispensing unit comprises control register, is used to realize the difference control to the bus monitor work behavior; Monitor initial address register, be used for the bus access start address that the memory bus monitor begins to monitor; Monitor length register, be used for the number of times of the valid bus visit of configuration bus monitor supervision; At least one main equipment register is used for the bus access that configuration monitoring is specified bus master; The preset key register is used to store preset key; Expectation monitors result register, is used to store the supervision result of expectation; Overtime register is used for the maximum wait period of memory bus, when the bus latent period surpasses the value of this register configuration to the system control unit information that gives a warning.
4. bus monitor according to claim 3 is characterized in that: also comprise a bus state register, be used for the real-time bus state inquiry of main equipment.
5. bus monitor according to claim 3 is characterized in that: also comprise a Fault Address Register, be used for bus monitor monitors behind bus timeout, the address of bus timeout is stored, for the main equipment inquiry.
6. bus monitor according to claim 1 is characterized in that: the content to be calculated that satisfies guard condition in the described bus access includes but are not limited to the preset key of bus address, bus master number, bus read data or write data, dispensing unit output; The valid data selected cell is selected the part or all of as data to be calculated of these contents according to the configuration information of dispensing unit output.
7. bus monitor according to claim 1 is characterized in that: CRC algorithm, HASH algorithm are selected in described hardware algorithm unit, or symmetric encipherment algorithm is treated computational data and carried out computing.
8. a bus method for monitoring that improves the SOC security of system is characterized in that comprising the following steps:
Step 1. is provided with the configuration information that needs in the bus monitoring process in dispensing unit;
Step 2. condition judgment unit is according to the configuration information of dispensing unit, the current bus behavioural information that provides in conjunction with bus control signal, judge whether bus is monitored, and generate control signal, send data to be calculated to the hardware algorithm unit to control valid data unit;
Step 3. valid data selected cell is according to the control information of condition judgment unit, the data of from bus address, bus master number, bus read data or write data, dispensing unit output key, selecting to be calculated, and data to be calculated are sent to the hardware algorithm unit, indication hardware algorithm unit carries out computing to it;
The control signal that the described hardware algorithm of step 4. unit sends according to the valid data selected cell is treated computational data and is carried out computing by the selected algorithm of dispensing unit, and final calculation result is sent to the comparison output unit;
The described relatively output unit of step 5. compares the result of hardware algorithm unit output with the expected result that dispensing unit presets, triggering alerting signal and be sent to system control unit when inconsistent;
Step 6. when bus monitor finish once effectively visit computing after, its inner counter increases progressively automatically, and returns step 2 and repeat to monitor; After bus monitor is finished effective access times that dispensing unit monitors the length register definition, can stop to monitor according to the control mode of control register, or wait when satisfying the bus access that monitors initial conditions next time and taking place, repeat supervision.
9. method according to claim 8 is characterized in that: described configuration information comprises monitor enable bit, trigger mode control bit, guard condition, repeat to monitor that enabling control bit, overtime supervision control bit, monitoring algorithms selects position, data to be calculated to select position, preset key, supervision start address and/or expected result.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105409948A CN101989242B (en) | 2010-11-12 | 2010-11-12 | Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof |
US13/322,086 US8601536B2 (en) | 2010-11-12 | 2011-02-28 | Bus monitor for enhancing SOC system security and realization method thereof |
PCT/CN2011/000326 WO2012062023A1 (en) | 2010-11-12 | 2011-02-28 | Bus monitor for improving system safety of system on chip (soc) and realizing method thereof |
EP11784403.5A EP2472408B1 (en) | 2010-11-12 | 2011-02-28 | Bus monitor for improving system safety of system on chip (soc) and realizing method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105409948A CN101989242B (en) | 2010-11-12 | 2010-11-12 | Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101989242A true CN101989242A (en) | 2011-03-23 |
CN101989242B CN101989242B (en) | 2013-06-12 |
Family
ID=43745781
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010105409948A Active CN101989242B (en) | 2010-11-12 | 2010-11-12 | Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof |
Country Status (4)
Country | Link |
---|---|
US (1) | US8601536B2 (en) |
EP (1) | EP2472408B1 (en) |
CN (1) | CN101989242B (en) |
WO (1) | WO2012062023A1 (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102508750A (en) * | 2011-10-27 | 2012-06-20 | 青岛海信信芯科技有限公司 | Device and method for detecting internal modules of SOC (system-on-chip) |
CN102592083A (en) * | 2011-12-27 | 2012-07-18 | 深圳国微技术有限公司 | Storage protecting controller and method for improving safety of SOC (system on chip) |
CN103810074A (en) * | 2012-11-14 | 2014-05-21 | 华为技术有限公司 | System-on-chip and corresponding monitoring method |
CN104219573A (en) * | 2014-09-01 | 2014-12-17 | 联想(北京)有限公司 | Data processing method and system on chip |
CN107358123A (en) * | 2016-05-10 | 2017-11-17 | 中国科学院微电子研究所 | A kind of safety detection method and device |
WO2018076650A1 (en) * | 2016-10-31 | 2018-05-03 | 深圳市中兴微电子技术有限公司 | Method and device for monitoring axi bus, and computer readable storage medium |
CN108416220A (en) * | 2017-02-09 | 2018-08-17 | 深圳市中兴微电子技术有限公司 | A kind of access control method and device |
CN109491856A (en) * | 2017-09-12 | 2019-03-19 | 中兴通讯股份有限公司 | Monitoring bus system, method and device |
CN113190400A (en) * | 2021-04-19 | 2021-07-30 | 思澈科技(上海)有限公司 | Bus monitoring module and monitoring method suitable for AHB protocol |
CN113672510A (en) * | 2021-08-19 | 2021-11-19 | 长沙海格北斗信息技术有限公司 | Software program debugging method for SoC system |
CN113761560A (en) * | 2021-09-15 | 2021-12-07 | 北京中科胜芯科技有限公司 | On-chip bus system safety transmission device suitable for Soc FPGA |
CN115391132A (en) * | 2022-06-14 | 2022-11-25 | 北京中科昊芯科技有限公司 | Monitoring and diagnosing device and chip |
CN116938451A (en) * | 2023-09-14 | 2023-10-24 | 飞腾信息技术有限公司 | Password operation method, device, system on chip and equipment |
CN117009185A (en) * | 2023-09-14 | 2023-11-07 | 飞腾信息技术有限公司 | Bus monitoring method, device, system on chip and equipment |
CN117130668A (en) * | 2023-10-27 | 2023-11-28 | 南京沁恒微电子股份有限公司 | Processor fetch redirection time sequence optimizing circuit |
CN117521570A (en) * | 2024-01-05 | 2024-02-06 | 北京凯芯微科技有限公司 | Bus timeout detection circuit, method, chip and electronic equipment |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102662782B (en) * | 2012-04-17 | 2014-09-03 | 华为技术有限公司 | Method and device for monitoring system bus |
CN103856364A (en) * | 2012-12-04 | 2014-06-11 | 鸿富锦精密工业(深圳)有限公司 | Bus signal monitoring device and method |
DE102013203365A1 (en) * | 2013-02-28 | 2014-08-28 | Siemens Aktiengesellschaft | Method and circuit arrangement for controlled accesses to slave units in a one-chip system |
KR20140113175A (en) * | 2013-03-15 | 2014-09-24 | 삼성전자주식회사 | Bus Protocol Checker, System on Chip having the same and Method for checking bus protocol |
DE102013216699A1 (en) | 2013-08-22 | 2015-02-26 | Siemens Ag Österreich | Method and circuit arrangement for securing against scanning of an address space |
CN104572515B (en) * | 2013-10-28 | 2019-05-31 | 锐迪科(重庆)微电子科技有限公司 | Tracking module, method, system and on-chip system chip |
US9268970B2 (en) | 2014-03-20 | 2016-02-23 | Analog Devices, Inc. | System and method for security-aware master |
CN104268487B (en) * | 2014-09-23 | 2017-04-26 | 杭州晟元数据安全技术股份有限公司 | Reset and self-destruction management system for security chip |
KR20180074197A (en) | 2016-12-23 | 2018-07-03 | 삼성전자주식회사 | Bus traffic control apparatus and bus system having the same |
DE102017219242A1 (en) * | 2017-10-26 | 2019-05-02 | Audi Ag | One-chip system, method for operating a one-chip system and motor vehicle |
WO2019112606A1 (en) * | 2017-12-08 | 2019-06-13 | Hewlett-Packard Development Company, L.P. | Blocking systems from responding to bus mastering capable devices |
KR102600704B1 (en) * | 2018-12-05 | 2023-11-08 | 현대자동차주식회사 | Method and apparatus for protecting confidential information in an electric car power transmission system |
CN111078492B (en) * | 2019-10-25 | 2023-07-21 | 芯创智(上海)微电子有限公司 | State monitoring system and method for SoC internal bus |
DE102021200411A1 (en) | 2021-01-18 | 2022-07-21 | Robert Bosch Gesellschaft mit beschränkter Haftung | Bus system with error detection function |
US20240095367A1 (en) * | 2022-05-09 | 2024-03-21 | Amazon Technologies, Inc. | Verifying encryption of data traffic |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1423198A (en) * | 2001-11-29 | 2003-06-11 | 三星电子株式会社 | Data bus apparatus and control method for effectively compensating fault signal line |
CN101086713A (en) * | 2006-06-06 | 2007-12-12 | 松下电器产业株式会社 | Bus watch circuit |
CN101334760A (en) * | 2007-06-26 | 2008-12-31 | 展讯通信(上海)有限公司 | Method, device for controlling bus illegal operation and system embodying the device |
CN101667152A (en) * | 2009-09-23 | 2010-03-10 | 华为技术有限公司 | Computer system and method for monitoring bus of same |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0760978B1 (en) * | 1994-05-26 | 2004-09-29 | The Commonwealth Of Australia | Secure computer architecture |
JP4008086B2 (en) * | 1998-02-04 | 2007-11-14 | 沖電気工業株式会社 | Data monitor circuit |
US6141757A (en) * | 1998-06-22 | 2000-10-31 | Motorola, Inc. | Secure computer with bus monitoring system and methods |
US6986052B1 (en) * | 2000-06-30 | 2006-01-10 | Intel Corporation | Method and apparatus for secure execution using a secure memory partition |
US7277972B2 (en) * | 2002-03-08 | 2007-10-02 | Freescale Semiconductor, Inc. | Data processing system with peripheral access protection and method therefor |
US20030221030A1 (en) * | 2002-05-24 | 2003-11-27 | Timothy A. Pontius | Access control bus system |
US8266444B2 (en) * | 2002-11-27 | 2012-09-11 | Entropic Communications, Inc. | Chip integrated protection means |
US20050204155A1 (en) * | 2004-03-09 | 2005-09-15 | Nec Laboratories America, Inc | Tamper resistant secure architecture |
EP1619572A1 (en) * | 2004-07-23 | 2006-01-25 | Texas Instruments Incorporated | System and method of identifying and preventing security violations within a computing system |
US8160244B2 (en) * | 2004-10-01 | 2012-04-17 | Broadcom Corporation | Stateless hardware security module |
US7958396B2 (en) * | 2006-05-19 | 2011-06-07 | Microsoft Corporation | Watchdog processors in multicore systems |
US8560863B2 (en) * | 2006-06-27 | 2013-10-15 | Intel Corporation | Systems and techniques for datapath security in a system-on-a-chip device |
CN100395733C (en) * | 2006-08-01 | 2008-06-18 | 浪潮齐鲁软件产业有限公司 | Method for improving SOC chip security dedicated for financial tax control |
US20090094702A1 (en) * | 2007-10-04 | 2009-04-09 | Mediatek Inc. | Secure apparatus, integrated circuit, and method thereof |
-
2010
- 2010-11-12 CN CN2010105409948A patent/CN101989242B/en active Active
-
2011
- 2011-02-28 WO PCT/CN2011/000326 patent/WO2012062023A1/en active Application Filing
- 2011-02-28 US US13/322,086 patent/US8601536B2/en not_active Expired - Fee Related
- 2011-02-28 EP EP11784403.5A patent/EP2472408B1/en not_active Not-in-force
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1423198A (en) * | 2001-11-29 | 2003-06-11 | 三星电子株式会社 | Data bus apparatus and control method for effectively compensating fault signal line |
CN101086713A (en) * | 2006-06-06 | 2007-12-12 | 松下电器产业株式会社 | Bus watch circuit |
CN101334760A (en) * | 2007-06-26 | 2008-12-31 | 展讯通信(上海)有限公司 | Method, device for controlling bus illegal operation and system embodying the device |
CN101667152A (en) * | 2009-09-23 | 2010-03-10 | 华为技术有限公司 | Computer system and method for monitoring bus of same |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102508750A (en) * | 2011-10-27 | 2012-06-20 | 青岛海信信芯科技有限公司 | Device and method for detecting internal modules of SOC (system-on-chip) |
CN102592083A (en) * | 2011-12-27 | 2012-07-18 | 深圳国微技术有限公司 | Storage protecting controller and method for improving safety of SOC (system on chip) |
US9952963B2 (en) | 2012-11-14 | 2018-04-24 | Huawei Technologies Co., Ltd. | System on chip and corresponding monitoring method |
CN103810074A (en) * | 2012-11-14 | 2014-05-21 | 华为技术有限公司 | System-on-chip and corresponding monitoring method |
CN103810074B (en) * | 2012-11-14 | 2017-12-29 | 华为技术有限公司 | A kind of on-chip system chip and corresponding monitoring method |
CN104219573A (en) * | 2014-09-01 | 2014-12-17 | 联想(北京)有限公司 | Data processing method and system on chip |
CN107358123B (en) * | 2016-05-10 | 2020-11-03 | 中国科学院微电子研究所 | Safety detection method and device |
CN107358123A (en) * | 2016-05-10 | 2017-11-17 | 中国科学院微电子研究所 | A kind of safety detection method and device |
CN108009065A (en) * | 2016-10-31 | 2018-05-08 | 深圳市中兴微电子技术有限公司 | The method and apparatus for monitoring AXI buses |
CN108009065B (en) * | 2016-10-31 | 2020-02-07 | 深圳市中兴微电子技术有限公司 | Method and apparatus for monitoring AXI bus |
WO2018076650A1 (en) * | 2016-10-31 | 2018-05-03 | 深圳市中兴微电子技术有限公司 | Method and device for monitoring axi bus, and computer readable storage medium |
CN108416220A (en) * | 2017-02-09 | 2018-08-17 | 深圳市中兴微电子技术有限公司 | A kind of access control method and device |
CN108416220B (en) * | 2017-02-09 | 2021-02-09 | 深圳市中兴微电子技术有限公司 | Access control method and device |
CN109491856A (en) * | 2017-09-12 | 2019-03-19 | 中兴通讯股份有限公司 | Monitoring bus system, method and device |
CN113190400A (en) * | 2021-04-19 | 2021-07-30 | 思澈科技(上海)有限公司 | Bus monitoring module and monitoring method suitable for AHB protocol |
CN113672510B (en) * | 2021-08-19 | 2024-04-16 | 长沙海格北斗信息技术有限公司 | Software program debugging method for SoC system |
CN113672510A (en) * | 2021-08-19 | 2021-11-19 | 长沙海格北斗信息技术有限公司 | Software program debugging method for SoC system |
CN113761560A (en) * | 2021-09-15 | 2021-12-07 | 北京中科胜芯科技有限公司 | On-chip bus system safety transmission device suitable for Soc FPGA |
CN115391132A (en) * | 2022-06-14 | 2022-11-25 | 北京中科昊芯科技有限公司 | Monitoring and diagnosing device and chip |
CN115391132B (en) * | 2022-06-14 | 2024-03-29 | 北京中科昊芯科技有限公司 | Monitoring and diagnosing device and chip |
CN117009185A (en) * | 2023-09-14 | 2023-11-07 | 飞腾信息技术有限公司 | Bus monitoring method, device, system on chip and equipment |
CN116938451B (en) * | 2023-09-14 | 2023-12-22 | 飞腾信息技术有限公司 | Password operation method, device, system on chip and equipment |
CN116938451A (en) * | 2023-09-14 | 2023-10-24 | 飞腾信息技术有限公司 | Password operation method, device, system on chip and equipment |
CN117130668A (en) * | 2023-10-27 | 2023-11-28 | 南京沁恒微电子股份有限公司 | Processor fetch redirection time sequence optimizing circuit |
CN117130668B (en) * | 2023-10-27 | 2023-12-29 | 南京沁恒微电子股份有限公司 | Processor fetch redirection time sequence optimizing circuit |
CN117521570A (en) * | 2024-01-05 | 2024-02-06 | 北京凯芯微科技有限公司 | Bus timeout detection circuit, method, chip and electronic equipment |
CN117521570B (en) * | 2024-01-05 | 2024-04-02 | 北京凯芯微科技有限公司 | Bus timeout detection circuit, method, chip and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
EP2472408A1 (en) | 2012-07-04 |
CN101989242B (en) | 2013-06-12 |
WO2012062023A1 (en) | 2012-05-18 |
US20130219452A1 (en) | 2013-08-22 |
EP2472408B1 (en) | 2015-07-29 |
EP2472408A4 (en) | 2013-07-31 |
US8601536B2 (en) | 2013-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101989242B (en) | Bus monitor for improving safety of SOC (System on a Chip) as well as realizing method thereof | |
CN108573144B (en) | Secure execution context data | |
CN100489805C (en) | Autonomous memory checker for runtime security assurance and method therefore | |
CN103140841B (en) | The method and apparatus of the part of protected storage | |
TWI395138B (en) | Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels | |
TWI385574B (en) | Microprocessor apparatus for secure on-die real-time clock | |
CN101176069A (en) | Method and system for validating a computer system | |
JPH0752389B2 (en) | Computer software usage control device | |
CN101952831A (en) | Computer system with primary processor and security boundary auxiliary processor | |
JP6017709B2 (en) | Tiered virtual machine integrity monitoring | |
TW202046099A (en) | Detecting security threats by monitoring chains of configuration changes made to basic input/output system (bios) or unified extensible firmware interface (uefi) attributes | |
CN113557516A (en) | Alarm handling | |
CN110069361A (en) | Method and device for TPM (trusted platform Module) failover | |
TWI772988B (en) | System for verifying integrity of content of register and method thereof | |
US20140136806A1 (en) | Authenticated Operations and Event Counters | |
CN101369141B (en) | Protection unit for a programmable data processing unit | |
CN104750594A (en) | Monitoring device for monitoring a circuit | |
CN107341085B (en) | Control device | |
JPH08508352A (en) | Safe critical processor and processing method for data processing system | |
JP2002543492A (en) | Protection of the computer core against external manipulation | |
CN109583196B (en) | Key generation method | |
US9213864B2 (en) | Data processing apparatus and validity verification method | |
CN106874796A (en) | The safety detection and fault-tolerance approach of instruction stream in system operation | |
CN109598150B (en) | Key using method | |
Liu et al. | Research on cyber security countermeasure technique of safety DCS in nuclear power plant |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address |
Address after: 22A, Guoshi building, 1801 Shahe West Road, high tech Zone, Yuehai street, Nanshan District, Shenzhen City, Guangdong Province Patentee after: GUOWEI GROUP (SHENZHEN) Co.,Ltd. Address before: 518000 Guangdong city of Shenzhen province high tech Industrial Park South high SSMEC building 2F Patentee before: SHENZHEN STATE MICRO TECHNOLOGY Co.,Ltd. |
|
CP03 | Change of name, title or address |